Wordpress XML-RPC Cyberattack in REAL TIME

Penetration Testing Wiki

WordPress XML-RPC Cyberattack in REAL TIME

Quick video showing a successful attack doing a Denial of Service against a website using WordPress.

To be protected against this cyberattack, do not forget to restrict access to /xmlrpc.php resource only from your IP address (1.2.3.4 in the example below).

For Apache, edit /.htaccess file to add:

<Files "xmlrpc.php"> 
   order deny,allow 
   deny from all 
   allow from 1.2.3.4 
</Files>

 

Leave a Reply

Your email address will not be published. Required fields are marked *